WSSMToken Consumer not found

Using IBM Security Federated Identity Manager (TFIM) I ran into some errors following the guide in the WSSM Web services security installation guide for the echo service application.

Whenever I started either the application or the client, I got an error similar to that below:

[9/20/12 18:01:14:500 EST] 0000003b ConfigUtil    E   
    WSEC5007E: Class 
    "com.tivoli.am.fim.wssm.tokenconsumers.WSSMTokenConsumer" not found.
[9/20/12 18:01:14:501 EST] 0000003b WSEMFRequestC W 
     WSEC5008E: Unable to instantiate the class 
    "com.tivoli.am.fim.wssm.tokenconsumers.WSSMTokenConsumer".
[9/20/12 18:01:14:501 EST] 0000003b SecurityHooks E   
    WSWS1042E: An error occurred in loading the configuration for 
com.ibm.ws.webservices.wssecurity.handler.WSEMFRequestConsumerConfig. 
The exception is com.ibm.wsspi.wssecurity.SoapSecurityException: 
WSEC5371E: TokenConsumer: classname attribute is required:
 com.ibm.ws.webservices.wssecurity.confimpl.
PrivateConsumerConfig$TokenConsumerConfImpl
(className=[com.tivoli.am.fim.wssm.tokenconsumers.WSSMTokenConsumer], 
usage=[Required], type=[{urn:oasis:names:tc:SAML:1.0:assertion}Assertion], 
trustedIdEvaluator=[null], trustAny=[false], provider=[null], 
pkixBuilderParams=[null], callerRequired=[true], 
callerProperties=[{com.ibm.wsspi.wssecurity.caller.tokenConsumerLN=Assertion, 
com.ibm.wsspi.wssecurity.caller.tokenConsumerNS=urn:oasis:names:tc:SAML:1.0:
assertion}], trustMethodRequired=[false], trustMethodProperties=[null], 
jaasConfig=[system.itfim.wssm.tam], jaasConfigProperties=[{}], 
usedForVerification=[false], usedForDecryption=[false], 
certPathSettingsAcquired=[false], isDefault=[false], 
properties=[{com.ibm.wsspi.wssecurity.token.decouple=true, 
com.ibm.wsspi.wssecurity.core.NonceMaxAge=300, 
com.ibm.wsspi.wssecurity.core.NonceClockSkew=0}]).

At first I thought it was related to this:
http://www-01.ibm.com/support/docview.wss?uid=swg1PM30683

And I upgraded the WAS fixpack, to no avail, and then, I checked and re-checked my configuration, to find that I had messed up the shared library configuration. (Which was naturally my first instinct, but it all looked right…)

But I’ll let you spot the difference.

44957629-spotdifference

Anyway, thought I’d post this here, since I’d somehow replicated this configuration on two separate machines such that they were both giving me the same error…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

WordPress.com.

Up ↑

%d bloggers like this: